NVIDIA security vulnerability (CVE-2024-0128)

CVE-2024-0128 is a vulnerability identified in NVIDIA’s vGPU software, specifically in the Virtual GPU Manager. This flaw allows a user operating within a guest OS to access global resources improperly. If exploited successfully, it can lead to information disclosure, data tampering, and privilege escalation.

Affected versions include all releases prior to version 17.4 and 16.8 of vGPU, as well as the October 2024 update. To mitigate the risk, users should update to the patched versions.

The vulnerability is categorized under CWE-732 Incorrect Permission Assignment for Critical Resource.

See more details on: